<?php
/**
 * SHOP 控制台首页
 * ============================================================================
 * 网络科技有限公司，并保留所有权利。
*/
header("Content-Type:text/html;charset=utf-8");
// This file lives under <root>/admin/includes; rewrite that tail to reach the shared
// <root>/includes/safety.php (backslashes normalised first so the replace works on Windows).
require_once(str_replace('/admin/includes','/includes',str_replace('\\', '/', dirname(__FILE__))) . '/safety.php');
// Refuse to run unless the IN_ZYS marker was defined upstream (by the entry script or by
// safety.php -- not visible here): this blocks direct HTTP requests to this include.
if (!defined('IN_ZYS'))
{
    die('Hacking attempt');
}
	
error_reporting(E_ALL);

// NOTE(review): __FILE__ is never an empty string at runtime, so this guard is
// effectively dead code; it can be dropped without changing behaviour.
if (__FILE__ == '')
{
    die('Fatal error code: 0');
}

/* 初始化设置 */
/* Runtime settings. ini_set failures are suppressed with @ because some hosts lock these values. */
@ini_set('memory_limit',          '64M');
@ini_set('session.cache_expire',  1800);
@ini_set('session.use_trans_sid', 0);   // never propagate the session id through URLs
@ini_set('session.use_cookies',   1);
@ini_set('session.auto_start',    0);   // the session is opened explicitly further down (cls_session)
// NOTE(review): display_errors is switched on unconditionally even though DEBUG_MODE is
// defined further down in this file. On a production admin panel this prints paths and
// query fragments into responses; consider keying it to DEBUG_MODE.
@ini_set('display_errors',        1);

// NOTE(review): ROOT_PATH is referenced here, but this file only define()s it further
// down. Unless safety.php already defined it, PHP treats the bare name as the string
// 'ROOT_PATH' (a warning on PHP 7, a fatal Error on PHP 8) -- confirm which, and if
// needed move the define above this block.
if (DIRECTORY_SEPARATOR == '\\')
{
    @ini_set('include_path',      '.;' . ROOT_PATH);
}
else
{
    @ini_set('include_path',      '.:' . ROOT_PATH);
}

/* Load the site configuration: prefer data/config.php, fall back to includes/config.php.
 * Both paths are relative to the current working directory (presumably the admin
 * script's own directory), not to this file. */
include(file_exists('../data/config.php') ? '../data/config.php' : '../includes/config.php');

/* 取得当前shop所在的根目录 */
/* Resolve the shop root from this file's own location: strip the
 * '<ADMIN_PATH>/includes/init.php' tail from the normalised __FILE__, which
 * leaves the root directory with its trailing slash. */
defined('ADMIN_PATH') || define('ADMIN_PATH', 'admin');
define('ROOT_PATH', str_replace(ADMIN_PATH . '/includes/init.php', '', str_replace('\\', '/', __FILE__)));

/* Debug output is off unless a config file defined DEBUG_MODE before this point. */
defined('DEBUG_MODE') || define('DEBUG_MODE', 0);

/* Apply the configured default timezone ($timezone presumably comes from config.php);
 * date_default_timezone_set() only exists from PHP 5.1 on. */
if (!empty($timezone) && PHP_VERSION >= '5.1')
{
    date_default_timezone_set($timezone);
}

/* Script path used for the redirect and script-name checks below. PHP_SELF can include
 * PATH_INFO supplied by the client; SCRIPT_NAME is the server-side fallback. */
define('PHP_SELF', isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
/* Core classes and helper libraries. The helpers called later in this file
 * (addslashes_deep, ecs_header, load_config, set_admin_session, make_json_error,
 * gmtime, real_ip, gzip_enabled) are expected to come from these files. */
require(ROOT_PATH . 'includes/cls_zyshop.php');
require(ROOT_PATH . 'includes/cls_error.php');
require(ROOT_PATH . 'includes/lib_base.php');
require(ROOT_PATH . 'includes/lib_common.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/lib_lsc.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/lib_lyc.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/lib_lxd.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php');


/* 对用户传入的变量进行转义操作。*/
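/* Slash-escape all request input the way magic_quotes_gpc used to, so code further
 * down can assume every GET/POST/COOKIE/REQUEST value is already escaped.
 *
 * get_magic_quotes_gpc() always returns false from PHP 7.4 and was removed in PHP 8.0,
 * where calling it is a fatal error; the function_exists() guard keeps this file loading
 * there, and the escaping then always runs (the same outcome as magic quotes being off).
 *
 * NOTE(review): addslashes-style escaping is not a substitute for parameterised
 * queries; the string-built SQL later in this file still leans on it.
 */
if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc())
{
    if (!empty($_GET))
    {
        $_GET  = addslashes_deep($_GET);
    }
    if (!empty($_POST))
    {
        $_POST = addslashes_deep($_POST);
    }

    $_COOKIE   = addslashes_deep($_COOKIE);
    $_REQUEST  = addslashes_deep($_REQUEST);
}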

/* 对路径进行安全处理 */
/* Reject requests that append PATH_INFO after the script name ("…/foo.php/extra"):
 * redirect to the bare script path. Code further down derives the current script
 * name from PHP_SELF, and this is presumably what keeps a client-supplied tail out
 * of that comparison. */
if (strpos(PHP_SELF, '.php/') !== false)
{
    ecs_header("Location:" . substr(PHP_SELF, 0, strpos(PHP_SELF, '.php/') + 4) . "\n");
    exit();
}

/* 创建 SHOP 对象 */
/* Shop object; $db_name and $prefix are expected from the config file loaded above. */
$zys = new ZYS($db_name, $prefix);
define('DATA_DIR', $zys->data_dir());
define('IMAGE_DIR', $zys->image_dir());

/* 初始化数据库类 */
/* Database connection. */
require(ROOT_PATH . 'includes/cls_mysql.php');
$db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);

/* The connection object now holds the credentials; scrub them from global scope so a
 * later variable dump or template cannot read them back. */
$db_host = null;
$db_user = null;
$db_pass = null;
$db_name = null;

/* Pagination helper. */
require(ROOT_PATH . 'includes/page.class.php');

/* Error/message presenter (presumably renders message.htm). */
$err = new ecs_error('message.htm');

/* Database-backed session store; 'ECSCP' is presumably the session cookie name. */
require(ROOT_PATH . 'includes/cls_session.php');
$sess = new cls_session($db, $zys->table('sessions'), $zys->table('sessions_data'), 'ECSCP');

/* 初始化 action */
/* Normalise the requested action. Login/logout actions are only honoured on
 * privilege.php and the password-recovery actions only on get_password.php; on any
 * other script they are blanked so the page falls through to its default action. */
if (!isset($_REQUEST['act']))
{
    $_REQUEST['act'] = '';
}
elseif (in_array($_REQUEST['act'], array('login', 'logout', 'signin'), true)
    && strpos(PHP_SELF, '/privilege.php') === false)
{
    $_REQUEST['act'] = '';
}
elseif (in_array($_REQUEST['act'], array('forget_pwd', 'reset_pwd', 'get_pwd'), true)
    && strpos(PHP_SELF, '/get_password.php') === false)
{
    $_REQUEST['act'] = '';
}

/* Shop settings (load_config() comes from the libraries required above). */
$_CFG = load_config();

//获取表前缀
/**
 * Return the configured table prefix, i.e. the global $prefix.
 *
 * @return mixed the global $prefix (null when it has not been set)
 */
function ly()
{
    global $prefix;

    $tablePrefix = $prefix;

    return $tablePrefix;
}
/* 创建 Smarty 对象。*/
/* Template engine for the admin area. */
require(ROOT_PATH . 'includes/libs/Smarty.class.php');
$smarty = new Smarty;
$smarty->template_dir    = ROOT_PATH . ADMIN_PATH . '/templates';   // admin templates
$smarty->compile_dir     = ROOT_PATH . 'temp/compiled/admin';       // compiled templates
$smarty->left_delimiter  = '{%';                                     // tag delimiters
$smarty->right_delimiter = '%}';
$smarty->debugging       = false;                                    // Smarty debug console off
$smarty->caching         = false;                                    // output caching off
$smarty->cache_lifetime  = 120;                                      // seconds; only relevant if caching is enabled

/* Variables available to every admin template.
 * NOTE(review): the whole session array is exposed to templates; anything sensitive
 * stored in the session becomes reachable from template code. */
$smarty->assign(array(
    'URL'          => "templates/",
    'web_name'     => $_CFG['shop_name'],
    'web_desc'     => $_CFG['shop_desc'],
    'web_keywords' => $_CFG['shop_keywords'],
    'session'      => $_SESSION,
));

//当前不为验证码的时候
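/* Admin authentication gate.
 *
 * Every admin page that includes this file must carry an authenticated admin session
 * (admin_id > 0), except the captcha image script and the pre-login actions listed in
 * the in_array() below. Without a session, a "remember me" cookie pair
 * (ECSCP[admin_id] / ECSCP[admin_pass]) is checked against the admin_user table;
 * anything else is redirected to the login page (or answered with a JSON error for
 * AJAX requests).
 *
 * NOTE(review): the script name is derived from PHP_SELF, which can carry PATH_INFO;
 * the ".php/" redirect earlier in this file is what keeps a client-supplied tail away
 * from this comparison, so the two must stay together (or use
 * basename($_SERVER['SCRIPT_NAME']) here instead).
 */
$url = substr($_SERVER['PHP_SELF'], strripos($_SERVER['PHP_SELF'], "/") + 1);
if ($url <> 'imgcode_admin.php')
{
    /* NOTE(review): unlike login/forget_pwd, which the act sanitising above ties to
     * privilege.php / get_password.php, the remaining exempt actions skip
     * authentication on every admin script -- confirm each one is genuinely a
     * pre-authentication action. */
    if ((!isset($_SESSION['admin_id']) || intval($_SESSION['admin_id']) <= 0) &&
        !in_array($_REQUEST['act'], array('login', 'signin', 'forget_pwd', 'reset_pwd',
            'check_order', 'yq_login', 'is_yunqi_admin', 'get_certificate'), true))
    {
        if (!empty($_COOKIE['ECSCP']['admin_id']) && !empty($_COOKIE['ECSCP']['admin_pass']))
        {
            // Cookie pair present: look the admin up by id (cast to int before it reaches the SQL).
            $sql = 'SELECT user_id, user_name, password, action_list, last_login ' .
                   ' FROM ' . $zys->table('admin_user') .
                   " WHERE user_id = '" . intval($_COOKIE['ECSCP']['admin_id']) . "'";
            $row = $db->GetRow($sql);

            /* The cookie token is md5(stored password hash . hash_code). Compare with
             * === : the previous loose == treated two numeric-looking strings as
             * numbers, so unrelated tokens could compare equal. hash_equals() would
             * additionally make the comparison constant-time on PHP >= 5.6. */
            if ($row && is_string($_COOKIE['ECSCP']['admin_pass']) &&
                md5($row['password'] . $_CFG['hash_code']) === $_COOKIE['ECSCP']['admin_pass'])
            {
                // NOTE(review): the query selects last_login, not last_time, so this is
                // always '' -- probably meant last_login; confirm before changing.
                !isset($row['last_time']) && $row['last_time'] = '';
                set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']);

                /* Record the login time and address.
                 * NOTE(review): real_ip() is interpolated without escaping; if it can be
                 * header-derived it must validate the value as an IP. A cookie-based login
                 * should also rotate the session id (session_regenerate_id) -- check
                 * set_admin_session, which is not visible here. */
                $db->query('UPDATE ' . $zys->table('admin_user') .
                           " SET last_login = '" . gmtime() . "', last_ip = '" . real_ip() . "'" .
                           " WHERE user_id = '" . $_SESSION['admin_id'] . "'");
            }
            else
            {
                /* Unknown id or wrong token: expire the cookie pair. The previous code
                 * passed the cookie *values* as the cookie names, so the stale pair was
                 * never actually cleared. NOTE(review): if the login code sets these
                 * with an explicit path/domain, pass the same ones here. */
                setcookie('ECSCP[admin_id]', '', 1);
                setcookie('ECSCP[admin_pass]', '', 1);

                if (!empty($_REQUEST['is_ajax']))
                {
                    make_json_error($_LANG['priv_error']);
                }
                else
                {
                    ecs_header("Location: privilege.php?act=login\n");
                }

                exit;
            }
        }
        else
        {
            // No session and no cookie: send the client to the login page.
            if (!empty($_REQUEST['is_ajax']))
            {
                make_json_error($_LANG['priv_error']);
            }
            else
            {
                ecs_header("Location: privilege.php?act=login\n");
            }

            exit;
        }
    }
}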
/* 判断是否支持gzip模式 */
/* Start output buffering for the rest of the request, gzip-compressed when
 * gzip_enabled() (from the libraries above) reports support for it. */
ob_start(gzip_enabled() ? 'ob_gzhandler' : null);

?>
